Cloud security and security architecture
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Cloud security and security architecture

  • 5,067 views
Uploaded on

Presentation that I gave at ISC2 SecureLondon conference in London on 11th December 2012.

Presentation that I gave at ISC2 SecureLondon conference in London on 11th December 2012.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
5,067
On Slideshare
5,065
From Embeds
2
Number of Embeds
1

Actions

Shares
Downloads
205
Comments
0
Likes
2

Embeds 2

https://twitter.com 2

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Do visit the websiteDo join the LinkedIn Groups – you will receive regular email updates

Transcript

  • 1. Security architecture and Cloudcomputing, are these mutually exclusive? (Introduction to Cloud Security Guidance)
  • 2. Agenda Cloud risk assessment x compared to traditional risk assessments Cloud security architectures x compared to security architectures CSA domains Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 3. Cloud risk assessment Identify Context assets establishmentMap the data Evaluate flows assets Risk Risk communication assessment Evaluate Map to Cloud Cloud deployments models and Risk treatment models Providers Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 4. Cloud modelBroad network Rapid elasticity Measured On-demand access service service Resource poolingSoftware as a Platform as a InfrastructureService (SaaS) Service (SaaS) as a Service (SaaS)Publi Private Hybrid Community c Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 5. Cloud computing deployment models Infrastructure Infrastructure Infrastructure Accessible and managed by owned by located consumed by Third party Third partyPublic Off-premise Untrusted provider provider Organisation Organisation On-premisePrivate/ o TrustedCommunity r 3rd party 3rdparty Off-Premise provider provider Both Organisation Both Organisation Both On-Premise Trusted &Hybrid & Third party & Third party & Off-Premise Untrusted provider provider Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 6. Cloud model maps to Security model Cloud model GRC Business continuity SIEM Data security Identity, Access Direct map Cryptography Application sec. Host security Network security Physical security Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 7. Responsibilities for areas in securitymodel compared to delivery models Provider responsible Customer responsible GRC Business continuity SIEM Identity, Access Cryptography Data security Application sec. Host security Network security Physical securityIaaS PaaS SaaS IaaS PaaS SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 8. Cloud Security Domains Governance Operational Governance and Enterprise Risk  Traditional Security, Business Management Continuity and Disaster Recovery Legal Issues: Contracts and Electronic  Data Center Operations Discovery  Incident Response, Notification and Compliance and Audit Remediation Information Management and Data  Application Security Security  Encryption and Key Management Portability and Interoperability  Identity and Access Management  Virtualization  Security as a Service Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 9. Cloud Security Alliance supports numberof projects related to cloud Get involved at https://cloudsecurityalliance.org/resea rch/https://cloudsecurityalliance.org.uk Copyright © 2012 Cloud Security Alliance
  • 10. How to manage cloud security• Have a cloud security standard • What to do on an Enterprise level • Before your Cloud project • During your Cloud project How to drive out the • BAU seven deadly sins of cloud computing - new Information Security • Exit from the Cloud provider Forum report• Risks cannot be outsourced• Manage lock-in and exit up-front – especially in SaaS Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 11. ContactHelp us secure cloud computing – Get involved• http://cloudsecurityalliance.org.uk• info@cloudsecurityalliance.org.uk• LinkedIn: http://www.linkedin.com/groups/Cloud- Security-Alliance-UK-Chapter-3745837• Twitter: @CSAUKResearch Copyright © 2012 Cloud Security Alliance https://cloudsecurityalliance.org.uk
  • 12. Thank you! www.cloudsecurityalliance.org